Camaleón wrote: > Bob Proulx wrote: > > It may be unintuitive but ignoring client identifier is incorrect. That > > is why patching to do so isn't accepted upstream. Ignoring client > > identifier violates the protocol. See RFC 2131. > > Yes, I guess that's what man page also warns about, so what's the point > in adding a setting that in the end cannot be honored? :-?
What do you mean, cannot be honored? Why can't it be honored? And in fact it does honor it. It works exactly as described. (confused) > *** > The duplicates flag tells the DHCP server that if a request is received > from a client that matches the MAC address of a host declaration, any > other leases matching that MAC address should be discarded by the > server, even if the UID is not the same. This is a violation of the > DHCP protocol, but can prevent clients whose client identifiers change > regularly from holding many leases at the same time. By default, > duplicates are allowed. > *** Wow. It is now an option in the upstream as "deny duplicates;". I did not know it was now available there as an upstream option. I will have to try it and see how it works! But frankly I have never needed it. There are a large number of private addresses available. I have just always made sure I had a large enough pool that it did not matter. A brief search turned up this reference that describes some problems with ignoring the client identifier and the workarounds they implemented in order to workaround the workarounds. http://www.net.princeton.edu/announcements/dhcp-cliid-must-match-chaddr.html I think it is better simply to have enough IP addresses in the pool and then not worry about it. > I mean, the patch is aimed to solve something that is currently there but > is not working or did I miss something? Actually it was I who did not realize that the patch is now in the upstream as "deny duplicates". And not knowing about it I haven't tried it. Will need to test it. > Hum... I was not aware this was part of that well-know-discussed issues, > but regardless its "awareness status", is something that should addressed > at dhcp mailing list. I think is a valid concern for users and they > deserve a proper response, whatever it be. I admit to not knowing but it seems to me that the response must have been the addition of "deny duplicates;". Assuming that does what it says it does in the documentation. Bob
signature.asc
Description: Digital signature
